wannacry_smb_445.pcap

MD50eb5b18a0a0795677fcfba92773c5cf4
Submission Date2017-11-26 08:51:33
Tagswannacry
Alert 1
Showing 1-1 of 1 item.
#
TimestampSrc IpDest IpAlert SignatureP
1
2017-05-12T11:10:24.660878-0700192.168.56.102222.165.223.177ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection*
DNS 4
Showing 1-4 of 4 items.
#
TimestampSrc IpDest IpDns TypeResource Record NameResource Record TypeResource Data
1
2017-05-12T11:10:09.966236-0700192.168.56.1028.8.8.8querywww.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comA(not set)
2
2017-05-12T11:10:10.613675-07008.8.8.8192.168.56.102answerwww.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comA(not set)
3
2017-05-12T11:10:10.775542-0700192.168.56.1028.8.8.8querywww.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comA(not set)
4
2017-05-12T11:10:11.176369-07008.8.8.8192.168.56.102answerwww.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comA(not set)
TLS 0
#
TimestampSource IPDestination IPTLS VersionServer Name Indication
No results found.
TFTP 0
#TimestampSrc IpDest IpTftp PacketTftp FileTftp Mode
No results found.
HTTP 0
#
TimestampSourceHostnamePortMethodURLStatus
No results found.
SMB 0
#
TimestampSrc IpDest IpSMB DialectCommandSessionTree
No results found.
SMTP 0
#
TimestampSourceDestinationEmail FromEmail ToSubject
No results found.
Flow 307
Showing 121-140 of 307 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
121
2017-05-12T11:10:47.739240-0700191027170111554flow192.168.56.10249685145.192.251.209445TCPpcapanalyzer
122
2017-05-12T11:10:47.739240-07001317305034404316flow192.168.56.10249762165.136.196.135445TCPpcapanalyzer
123
2017-05-12T11:10:47.739240-07001176567545299940flow192.168.56.1024956553.68.238.224445TCPpcapanalyzer
124
2017-05-12T11:10:47.739240-07001598964694184728flow192.168.56.102496267.244.111.201445TCPpcapanalyzer
125
2017-05-12T11:10:47.739240-07001317717349636147flow192.168.56.1024932214.112.44.180445TCPpcapanalyzer
126
2017-05-12T11:10:47.739240-07002021512166131993flow192.168.56.1024944473.93.25.85445TCPpcapanalyzer
127
2017-05-12T11:10:47.739240-070051367718448241flow192.168.56.10249671157.72.119.60445TCPpcapanalyzer
128
2017-05-12T11:10:47.739240-07001600442161988428flow192.168.56.1024935093.91.25.20445TCPpcapanalyzer
129
2017-05-12T11:10:47.739240-07001600794349874890flow192.168.56.1024950382.94.225.93445TCPpcapanalyzer
130
2017-05-12T11:10:47.739240-07001178727914707874flow192.168.56.10249790123.42.110.168445TCPpcapanalyzer
131
2017-05-12T11:10:47.739240-07001179505302312811flow192.168.56.10249387189.82.96.174445TCPpcapanalyzer
132
2017-05-12T11:10:47.739240-070054052072877521flow192.168.56.10249628215.55.15.47445TCPpcapanalyzer
133
2017-05-12T11:10:47.739240-070054507340122072flow192.168.56.10249811143.231.161.62445TCPpcapanalyzer
134
2017-05-12T11:10:47.739240-07002024922369960997flow192.168.56.10249399143.35.124.66445TCPpcapanalyzer
135
2017-05-12T11:10:47.739240-0700759152558731835flow192.168.56.10249561113.90.207.122445TCPpcapanalyzer
136
2017-05-12T11:10:47.739240-07002027370502871557flow192.168.56.10249826118.189.130.222445TCPpcapanalyzer
137
2017-05-12T11:10:47.739240-070057170219146420flow192.168.56.1024962182.141.97.134445TCPpcapanalyzer
138
2017-05-12T11:10:47.739240-0700340590815483303flow192.168.56.10249452164.6.250.103445TCPpcapanalyzer
139
2017-05-12T11:10:47.739240-07002170341372488619flow192.168.56.10249354217.138.103.61445TCPpcapanalyzer
140
2017-05-12T11:10:47.739240-07001889265829495444flow192.168.56.1024983581.205.97.103445TCPpcapanalyzer
File 0
#
TimestampSourceDestinationFile NameFile MagicFile Size
No results found.

Comments

Update Download PCAP Delete